thinkier · November 15, 2024 07:26
diff --git a/pico_w_https.ino b/pico_w_https.ino
 #include <WiFi.h>
 #include "__private_key_material.h"

 // ISRG Root X2 (ECDSA P-384)
 const char* ANCHOR_CA = R"EOF(
 -----BEGIN CERTIFICATE-----
 MIICGzCCAaGgAwIBAgIQQdKd0XLq7qeAwSxs6S+HUjAKBggqhkjOPQQDAzBPMQsw
 CQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2gg
 R3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMjAeFw0yMDA5MDQwMDAwMDBaFw00
 MDA5MTcxNjAwMDBaME8xCzAJBgNVBAYTAlVTMSkwJwYDVQQKEyBJbnRlcm5ldCBT
 ZWN1cml0eSBSZXNlYXJjaCBHcm91cDEVMBMGA1UEAxMMSVNSRyBSb290IFgyMHYw
 EAYHKoZIzj0CAQYFK4EEACIDYgAEzZvVn4CDCuwJSvMWSj5cz3es3mcFDR0HttwW
 +1qLFNvicWDEukWVEYmO6gbf9yoWHKS5xcUy4APgHoIYOIvXRdgKam7mAHf7AlF9
 ItgKbppbd9/w+kHsOdx1ymgHDB/qo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0T
 AQH/BAUwAwEB/zAdBgNVHQ4EFgQUfEKWrt5LSDv6kviejM9ti6lyN5UwCgYIKoZI
 zj0EAwMDaAAwZQIwe3lORlCEwkSHRhtFcP9Ymd70/aTSVaYgLXTWNLxBo1BfASdW
 tL4ndQavEi51mI38AjEAi/V3bNTIZargCyzuFJ0nN6T5U6VR5CmD1/iQMVtCnwr1
 /q4AaOeMSQ+2b1tbFfLn
 -----END CERTIFICATE-----
 )EOF";
 WiFiClientSecure client;
 X509List x509(ANCHOR_CA);


 // Set time via NTP, as required for x.509 validation
 void setClock() {
  NTP.begin("1.pool.ntp.org", "2.pool.ntp.org");

  Serial.print("Waiting for NTP time sync: ");
  NTP.waitSet([]() {
    Serial.print(".");
  });
  Serial.println();
  time_t now = time(nullptr);
  struct tm timeinfo;
  gmtime_r(&now, &timeinfo);
  Serial.print("Current time: ");
  Serial.print(asctime(&timeinfo));
 }

 void setup() {
  Serial.begin(115200);
  while (!Serial) {}

  Serial.print("Waiting for WiFi: ");
  while (WiFi.begin(STASSID, STAPSK) != WL_CONNECTED) {
    // failed, retry
    Serial.print(".");
    delay(5000);
  }
  Serial.println();

  Serial.print("You're connected to the network ");
  Serial.println(STASSID);
  setClock();
  client.setTrustAnchors(&x509);
 }

 void fetchURL(const char *host, const uint16_t port, const char *path) {
  if (!path) {
    path = "/";
  }

  Serial.printf("Trying: %s:443...", host);
  client.connect(host, port);
  if (!client.connected()) {
    Serial.printf("*** Can't connect. ***\n-------\n");
    return;
  }
  Serial.printf("Connected!\n-------\n");
  client.write("GET ");
  client.write(path);
  client.write(" HTTP/1.0\r\nHost: ");
  client.write(host);
  client.write("\r\nUser-Agent: Raspberry Pi Pico W\r\n");
  client.write("\r\n");
  uint32_t to = millis() + 5000;
  if (client.connected()) {
    do {
      char tmp[32];
      memset(tmp, 0, 32);
      int rlen = client.read((uint8_t *)tmp, sizeof(tmp) - 1);
      yield();
      if (rlen < 0) {
        break;
      }
      // Only print out first line up to \r, then abort connection
      char *nl = strchr(tmp, '\r');
      if (nl) {
        *nl = 0;
        Serial.print(tmp);
        break;
      }
      Serial.print(tmp);
    } while (millis() < to);
  }
  client.stop();
  Serial.printf("BSSL stack used: %lu\n-------\n\n", stack_thunk_get_max_usage());
 }

 void loop() {
  fetchURL("valid-isrgrootx2.letsencrypt.org", 443, "/");
  delay(60000);
 }
	#include <WiFi.h>
	#include "__private_key_material.h"

	// ISRG Root X2 (ECDSA P-384)
	const char* ANCHOR_CA = R"EOF(
	-----BEGIN CERTIFICATE-----
	MIICGzCCAaGgAwIBAgIQQdKd0XLq7qeAwSxs6S+HUjAKBggqhkjOPQQDAzBPMQsw
	CQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2gg
	R3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMjAeFw0yMDA5MDQwMDAwMDBaFw00
	MDA5MTcxNjAwMDBaME8xCzAJBgNVBAYTAlVTMSkwJwYDVQQKEyBJbnRlcm5ldCBT
	ZWN1cml0eSBSZXNlYXJjaCBHcm91cDEVMBMGA1UEAxMMSVNSRyBSb290IFgyMHYw
	EAYHKoZIzj0CAQYFK4EEACIDYgAEzZvVn4CDCuwJSvMWSj5cz3es3mcFDR0HttwW
	+1qLFNvicWDEukWVEYmO6gbf9yoWHKS5xcUy4APgHoIYOIvXRdgKam7mAHf7AlF9
	ItgKbppbd9/w+kHsOdx1ymgHDB/qo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0T
	AQH/BAUwAwEB/zAdBgNVHQ4EFgQUfEKWrt5LSDv6kviejM9ti6lyN5UwCgYIKoZI
	zj0EAwMDaAAwZQIwe3lORlCEwkSHRhtFcP9Ymd70/aTSVaYgLXTWNLxBo1BfASdW
	tL4ndQavEi51mI38AjEAi/V3bNTIZargCyzuFJ0nN6T5U6VR5CmD1/iQMVtCnwr1
	/q4AaOeMSQ+2b1tbFfLn
	-----END CERTIFICATE-----
	)EOF";
	WiFiClientSecure client;
	X509List x509(ANCHOR_CA);


	// Set time via NTP, as required for x.509 validation
	void setClock() {
	NTP.begin("1.pool.ntp.org", "2.pool.ntp.org");

	Serial.print("Waiting for NTP time sync: ");
	NTP.waitSet([]() {
	Serial.print(".");
	});
	Serial.println();
	time_t now = time(nullptr);
	struct tm timeinfo;
	gmtime_r(&now, &timeinfo);
	Serial.print("Current time: ");
	Serial.print(asctime(&timeinfo));
	}

	void setup() {
	Serial.begin(115200);
	while (!Serial) {}

	Serial.print("Waiting for WiFi: ");
	while (WiFi.begin(STASSID, STAPSK) != WL_CONNECTED) {
	// failed, retry
	Serial.print(".");
	delay(5000);
	}
	Serial.println();

	Serial.print("You're connected to the network ");
	Serial.println(STASSID);
	setClock();
	client.setTrustAnchors(&x509);
	}

	void fetchURL(const char host, const uint16_t port, const char path) {
	if (!path) {
	path = "/";
	}

	Serial.printf("Trying: %s:443...", host);
	client.connect(host, port);
	if (!client.connected()) {
	Serial.printf("* Can't connect. *\n-------\n");
	return;
	}
	Serial.printf("Connected!\n-------\n");
	client.write("GET ");
	client.write(path);
	client.write(" HTTP/1.0\r\nHost: ");
	client.write(host);
	client.write("\r\nUser-Agent: Raspberry Pi Pico W\r\n");
	client.write("\r\n");
	uint32_t to = millis() + 5000;
	if (client.connected()) {
	do {
	char tmp[32];
	memset(tmp, 0, 32);
	int rlen = client.read((uint8_t *)tmp, sizeof(tmp) - 1);
	yield();
	if (rlen < 0) {
	break;
	}
	// Only print out first line up to \r, then abort connection
	char *nl = strchr(tmp, '\r');
	if (nl) {
	*nl = 0;
	Serial.print(tmp);
	break;
	}
	Serial.print(tmp);
	} while (millis() < to);
	}
	client.stop();
	Serial.printf("BSSL stack used: %lu\n-------\n\n", stack_thunk_get_max_usage());
	}

	void loop() {
	fetchURL("valid-isrgrootx2.letsencrypt.org", 443, "/");
	delay(60000);
	}